Class: MinimalJwt::JWT

Inherits:

Object

• Object
• MinimalJwt::JWT

Defined in:

lib/minimal_jwt/jwt.rb

Instance Attribute Summary

• #token ⇒ Object

  Returns the value of attribute token.

Class Method Summary

• .base64_encode(content) ⇒ Object
• .encode(algorithm: Algorithm::HS256, payload:) ⇒ Object
• .secret ⇒ Object
• .signature(algorithm, secret, data_to_sign) ⇒ Object

Instance Method Summary

• #header ⇒ Object
• #initialize(token:) ⇒ JWT constructor

  A new instance of JWT.

• #payload ⇒ Object
• #signature_verified? ⇒ Boolean
• #valid? ⇒ Boolean

Constructor Details

#initialize(token:) ⇒ JWT

Returns a new instance of JWT.

# File 'lib/minimal_jwt/jwt.rb', line 9

def initialize(token:)
  @token = token
  header, payload, signature = @token.split('.')
  @header = header
  @payload = payload
  @signature = signature
end

Instance Attribute Details

#token ⇒ Object

Returns the value of attribute token.

# File 'lib/minimal_jwt/jwt.rb', line 7

def token
  @token
end

Class Method Details

.base64_encode(content) ⇒ Object

# File 'lib/minimal_jwt/jwt.rb', line 78

def self.base64_encode(content)
  Base64.urlsafe_encode64(content).tr('=', '')
end

.encode(algorithm: Algorithm::HS256, payload:) ⇒ Object

Raises:

• (InvalidPayloadError)

# File 'lib/minimal_jwt/jwt.rb', line 51

def self.encode(algorithm: Algorithm::HS256, payload:)
  raise InvalidPayloadError.new('Payload should be a hash') unless payload.is_a?(Hash)

  header = {
    alg: algorithm,
    typ: :JWT
  }
  encoded_header = base64_encode(header.to_json)
  encoded_payload = base64_encode(payload.to_json)
  data_to_sign = "#{encoded_header}.#{encoded_payload}"

  encoded_signature = base64_encode(signature(algorithm, secret, data_to_sign))

  JWT.new(token: "#{data_to_sign}.#{encoded_signature}")
end

.secret ⇒ Object

# File 'lib/minimal_jwt/jwt.rb', line 82

def self.secret
  ENV['MINIMAL_JWT_SIGNATURE_SECRET'] || ''
end

.signature(algorithm, secret, data_to_sign) ⇒ Object

# File 'lib/minimal_jwt/jwt.rb', line 69

def self.signature(algorithm, secret, data_to_sign)
  case algorithm
  when Algorithm::HS256
    OpenSSL::HMAC.digest('sha256', secret, data_to_sign)
  else
    raise UnsupportedSigningAlgorithmError.new("Sorry! Signing with #{algorithm.to_s} is not supported yet")
  end
end

Instance Method Details

#header ⇒ Object

Raises:

• (InvalidJwtError)

# File 'lib/minimal_jwt/jwt.rb', line 31

def header
  raise InvalidJwtError unless valid?

  JSON.parse(base64_decode(@header))
end

#payload ⇒ Object

Raises:

• (InvalidJwtError)

# File 'lib/minimal_jwt/jwt.rb', line 37

def payload
  raise InvalidJwtError unless valid?

  JSON.parse(base64_decode(@payload))
end

#signature_verified? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/minimal_jwt/jwt.rb', line 43

def signature_verified?
  return false unless valid?

  data_to_verify = "#{@header}.#{@payload}"
  calculated_encoded_signature = base64_encode(signature(Algorithm::HS256, secret, data_to_verify))
  calculated_encoded_signature == @signature
end

#valid? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/minimal_jwt/jwt.rb', line 17

def valid?
  return false if @token.nil?
  return false if @header.nil? || @payload.nil? || @signature.nil?

  begin
    base64_decode(@header)
    base64_decode(@payload)
    base64_decode(@signature)
    true
  rescue StandardError
    false
  end
end